package com.zhongda.cloud.config;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.builders.WebSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;

import com.zhongda.cloud.service.security.OAuthUserDetailsService;

/**
 * 
*    
* 项目名称：auth-service   
* 类名称：WebSecurityConfig   
* 类描述：spring security基本配置   
* 创建人：zxf   
* 创建时间：2017年8月18日 上午10:13:24   
* 修改人：Administrator   
* 修改时间：2017年8月18日 上午10:13:24   
* 修改备注：   
* @version    
*
 */

@Configuration
@EnableWebSecurity
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {

	//不定义没有password grant_type
	@Override
	@Bean
	public AuthenticationManager authenticationManagerBean() throws Exception {
		return super.authenticationManagerBean();
	}
	
	@Autowired
	private OAuthUserDetailsService oAuthUserDetailsService;
	
	@Override
	protected void configure(AuthenticationManagerBuilder auth) throws Exception {
		//auth.inMemoryAuthentication().withUser("anoy").password("pwd").roles("USER");
		auth.userDetailsService(oAuthUserDetailsService)
		.passwordEncoder(new BCryptPasswordEncoder());
	}

	@Override
	protected void configure(HttpSecurity http) throws Exception {
		// @formatter:off
		http//.authorizeRequests().antMatchers("/sample/**").permitAll().and()
			.authorizeRequests().anyRequest().authenticated()
		.and()
			.csrf().disable();
		// @formatter:on
	}

	@Override
	public void configure(WebSecurity web) throws Exception {
		// TODO Auto-generated method stub
		super.configure(web);
	}

	
}
